Methods, Systems, and Products for Security Services

ABSTRACT

Methods, systems, and products are disclosed for notification of alarms in security systems. An alarm is detected in a security system. An alarm code is associated to a camera, and video data is retrieved from the camera. An alarm notification address is retrieved and the video data is sent to the IP alarm notification address.

BACKGROUND

Exemplary embodiments generally relate to communications and, moreparticularly, to alarm systems with video monitoring.

Security systems are common. When an alarm is detected, most securitysystems seize a phone line to call a central monitoring station. Thatis, a public-switched telephone network (“PSTN”) call is made, and alarmcodes are communicated, to alert the central monitoring station of thealarm. This PSTN-based security system is very reliable, but thetelephone call may require more than thirty (30) seconds to set-up thecall and to communicate the alarm codes. Moreover, once the phone lineis seized, and while the call is in progress, a customer is unable tomake or receive calls to other numbers—such as “911.” These conventionalsecurity systems may also lack an ability to remotely request videoassociated with the alarm.

SUMMARY

Exemplary embodiments notify of alarms detected by security systems.Exemplary embodiments, though, utilize packet data communications, bothwireline (e.g., ADSL, VDSL and cable modem) and wireless (GPRS, Edge,3G, and LTE), to replace circuit switched communications over the PublicSwitched Telephone Network (PSTN) when reporting alarms to a centralmonitoring station. Exemplary embodiments, in other words, exchange datawith the central monitoring station over a packet data network, insteadof using the conventional public-switched telephone network (“PSTN”).Once an alarm is received by the central monitoring station, an agent atthe central monitoring station may attempt to contact the customer toverify that a legitimate alarm condition exists before the agent summonspolice, fire, or other emergency services. If video cameras areavailable at the alarm site, then the agent may also access live and/orarchived video data (and even audio data) from the alarm site to furtherhelp determine if the alarm is legitimate. Because the packet datanetwork is used for communications, the agent may attempt to establish a3GPP IP Multimedia Subsystem (“IMS”) SIP session with the customer. ThisIMS session enables a multimedia voice and data session between theagent and the customer. The IMS session enables the agent and customerto have a voice conversation using Voice over Internet Protocol (“VoIP”)technology and simultaneously share video/audio data. The video/audiosharing enables the agent to jointly access live and stored video/audiofrom cameras in the customer's home. A law enforcement officer or otherparty may be added to the video/audio sharing session. If the agentdesires, the agent may additionally or alternatively contact thecustomer by placing a Voice-over Internet Protocol call over the packetdata network. If IMS or VoIP is not available, the agent may place avoice call to the customer.

Exemplary embodiments include many features. When an alarm notificationis received at the central monitoring station, the alarm notificationmay indicate which sensor, or zone of sensors, in the customer's homewas triggered (such as an entry door, backdoor, living room, diningroom, kitchen, master bedroom or basement). If a customer has videocameras installed in their home, an agent at the central monitoringagent may access video data from some, or all, of the cameras. Somecustomers, for example, may only permit access to output from selectedcameras, such as cameras providing surveillance of exterior doors andwindows (due to privacy concerns). Other customers, however, may permitaccess to all of the cameras in their home, including interior bedroomcameras. The cameras may even include motion sensors, thusdual-functioning to also detect intrusions into the home. Cameras mayinclude tilt, pan, and zoom capabilities, thus allowing video and audiosurveillance of multiple zones of sensors (such as window and doorsensors). A home network may include a mass storage device toautomatically store streaming video and audio data from the cameras inthe home. Under an alarm condition, the agent may be permitted to accesslive video and audio data, and archived audio and video data that wasrecorded prior to the alarm being detected and recorded after the alarmwas detected. Archived video and audio (recorded prior to the alarm) mayhelp the agent determine what events triggered the alarm. The massstorage device may additionally or alternatively be located in theservice provider's network.

Exemplary embodiments include a method for notifying of an alarmdetected by a security system. When the alarm is detected, the securitysystem associates an alarm code to a zone and/or to a camera. Video datafrom the camera is retrieved, and an Internet Protocol (“IP”) alarmnotification address is also retrieved. The video data is sent over apacket data network to the IP alarm notification address associated withthe central monitoring station. The video data usually routes to an IPaddress associated with a professional security service (such as BRINKSHOME SECURITY® or ADT® home security). Streaming video data (and evenaudio data) helps an agent at the central monitoring station verify thatthe alarm is legitimate and not a “false alarm.” The agent may furtherverify the alarm by establishing an IMS SIP session with the customer.The IMS SIP session enables the agent and the customer to simultaneouslyaccess video/audio from one or more cameras in the customer's home. Theagent may also add a third party (such as police, fire or medicalpersonnel) to the IMS SIP session, thus allowing the third party tosimultaneously view the video/audio from the customer's home. Exemplaryembodiments thus permit the agent to verify that the alarm is real andnot a “false” alarm prior to contacting police, fire and/or medicalauthorities.

Broadband and wireless services may be used. Under most circumstancesthe alarm is communicated to the central monitoring station via anybroadband wireline packet data service, such as ADSL, VDSL or cablemodem. When the broadband wireline packet data service is not available,the alarm may be communicated via any wireless packet data service (suchas GPRS, Edge, 3G and LTE). When the alarm is received in the centralmonitoring station via a wireless packet data service, then the agentmay utilize the wireless packet data service to access live and archivedvideo and audio data from cameras in the customer's home.

The PSTN may also be used. When the alarm is detected and neither thewireline broadband packet data service or the wireless packet dataservice is available between the central monitoring station and thecustomer's home, then a PSTN call may be utilized to communicate thealarm from the security system to the central monitoring system.

Other systems, methods, and/or computer program products according tothe exemplary embodiments will be or become apparent to one withordinary skill in the art upon review of the following drawings anddetailed description. It is intended that all such additional systems,methods, and/or computer program products be included within thisdescription, be within the scope of the claims, and be protected by theaccompanying claims.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

These and other features, aspects, and advantages of the exemplaryembodiments are better understood when the following DetailedDescription is read with reference to the accompanying drawings,wherein:

FIG. 1 is a simplified schematic illustrating an environment in whichexemplary embodiments may be implemented;

FIGS. 2-4 are more detailed schematics illustrating the exemplaryembodiments;

FIG. 5 is a schematic illustrating archival video data, according toexemplary embodiments;

FIG. 6 is a schematic illustrating camera zones, according to exemplaryembodiments;

FIG. 7 is a schematic illustrating archival camera zones, according toexemplary embodiments;

FIG. 8 is a schematic illustrating audio data, according to exemplaryembodiments;

FIGS. 9 and 10 are schematics illustrating remote notification ofalarms, according to exemplary embodiments;

FIGS. 11 and 12 are schematics illustrating alarm conferences, accordingto exemplary embodiments;

FIGS. 13-18 are schematics illustrating remote monitoring, activation,and cancelation of the security system, according to exemplaryembodiments;

FIG. 19 is a schematic illustrating personalized alerts, according toexemplary embodiments;

FIGS. 20-26 are detailed schematics illustrating wireline and wirelessconnections, according to exemplary embodiments;

FIGS. 27-29 are detailed schematics illustrating polling schemes,according to exemplary embodiments;

FIGS. 30 and 31 illustrate a reversion condition, according to exemplaryembodiments;

FIG. 32 is another detailed schematic illustrating another pollingschemes, according to exemplary embodiments;

FIG. 33 is a schematic illustrating a self-reporting feature, accordingto the exemplary embodiments;

FIGS. 34 and 35 are schematics illustrating multiple alarm codes,according to exemplary embodiments;

FIG. 36 is a schematic illustrating a priority scheme, according toexemplary embodiments;

FIG. 37 is a schematic illustrating a back-up power source, according toexemplary embodiments;

FIG. 38 is a schematic illustrating additional notification messages,according to exemplary embodiments;

FIG. 39 is a flowchart illustrating a method of providing securityservices, according to exemplary embodiments;

FIGS. 40-47 are schematics illustrating a combined data networkarchitecture comprising an IMS Core and Web Services applied to homesecurity, according to exemplary embodiments;

FIG. 48 is a schematic illustrating local and remote configuration ofthe security system, according to exemplary embodiments;

FIG. 49 is a schematic illustrating remote viewing of video data,according to exemplary embodiments;

FIG. 50 is a schematic illustrating service administration, according toexemplary embodiments; and

FIG. 51 is a schematic illustrating a generic block diagram of aprocessor-controlled device, according to exemplary embodiments.

DETAILED DESCRIPTION

The exemplary embodiments will now be described more fully hereinafterwith reference to the accompanying drawings. The exemplary embodimentsmay, however, be embodied in many different forms and should not beconstrued as limited to the embodiments set forth herein. Theseembodiments are provided so that this disclosure will be thorough andcomplete and will fully convey the exemplary embodiments to those ofordinary skill in the art.

Moreover, all statements herein reciting embodiments, as well asspecific examples thereof, are intended to encompass both structural andfunctional equivalents thereof. Additionally, it is intended that suchequivalents include both currently known equivalents as well asequivalents developed in the future (i.e., any elements developed thatperform the same function, regardless of structure).

Thus, for example, it will be appreciated by those of ordinary skill inthe art that the diagrams, schematics, illustrations, and the likerepresent conceptual views or processes illustrating the exemplaryembodiments. The functions of the various elements shown in the figuresmay be provided through the use of dedicated hardware as well ashardware capable of executing associated software. Those of ordinaryskill in the art further understand that the exemplary hardware,software, processes, methods, and/or operating systems described hereinare for illustrative purposes and, thus, are not intended to be limitedto any particular named manufacturer.

As used herein, the singular forms “a,” “an,” and “the” are intended toinclude the plural forms as well, unless expressly stated otherwise. Itwill be further understood that the terms “includes,” “comprises,”“including,” and/or “comprising,” when used in this specification,specify the presence of stated features, integers, steps, operations,elements, and/or components, but do not preclude the presence oraddition of one or more other features, integers, steps, operations,elements, components, and/or groups thereof. It will be understood thatwhen an element is referred to as being “connected” or “coupled” toanother element, it can be directly connected or coupled to the otherelement or intervening elements may be present. Furthermore, “connected”or “coupled” as used herein may include wirelessly connected or coupled.As used herein, the term “and/or” includes any and all combinations ofone or more of the associated listed items.

It will also be understood that, although the terms first, second, etc.may be used herein to describe various elements, these elements shouldnot be limited by these terms. These terms are only used to distinguishone element from another. For example, a first device could be termed asecond device, and, similarly, a second device could be termed a firstdevice without departing from the teachings of the disclosure.

FIG. 1 is a simplified schematic illustrating an environment in whichexemplary embodiments may be implemented. A security system 100communicates with a central monitoring station 102 via a packet datanetwork 104. The packet data network 104 may include a 3GPP IPMultimedia Subsystem (IMS) Core and Web Services. The security system100 has an alarm controller 106 that receives inputs from one or morealarm sensors 108. As those of ordinary skill in the art understand, thealarm sensors 108 monitor for heat, smoke, motion, sound, or any otherphysical or logical parameter that may indicate a security event. Thealarm controller 106 may also interface with one or more cameras 110that capture video data and microphones 112 that capture audio data.Audio and/or video data may be stored in a mass storage device 114, aslater paragraphs will explain. The cameras 110 may, or may not, includeany motion detection technology. The cameras 110 and microphones 112 maybe constantly capturing video and audio that is automatically stored ina local mass storage device (as will be later explained). Depending uponthe implementation, the cameras 110 may, or may not, have a physicalconnection to the alarm controller 106.

The security system 100 may be processor-controlled. As FIG. 1illustrates, the security system 100 may include a processor 120 (e.g.,“μP”), application specific integrated circuit (ASIC), or othercomponent that executes a client-side security application 122 stored ina memory 124. The client-side security application 122 monitors theinputs, status, or state of the alarm sensors 108, the cameras 110,and/or the microphone 112. The client-side security application 122 mayalso instruct any of the microphones 112 and/or cameras 110 to captureaudio and/or video data. When an alarm 126 is detected, the client-sidesecurity application 122 has software code or instructions that causethe processor 120 to send an alarm message 128 to the central monitoringstation 102. The alarm message 128 routes into and through the packetdata network 104 to an IP alarm notification address 130 associated withthe central monitoring station 102. When the central monitoring station102 receives the alarm message 128, the central monitoring station 102assigns a computerized or human agent 132. The agent 132 may then verifythat the alarm 126 is legitimate. A high percentage of alarms are“false,” such as when an owner of a home opens a door and accidentallytriggers the alarm. If the agent immediately summons emergency services,and the alarm 126 turns out to be false, then local police and firedepartments have wasted time and resources. Some municipalities may evencharge fees for the unnecessary dispatch.

Exemplary embodiments, therefore, allow the agent 132 to first verifythe alarm 126. Before summoning emergency services, the agent 132 maygain access to live, real-time audio/video data 140 from the cameras 110and/or the microphones 112. (The agent 132 may even access archivedaudio/video data of events preceding the alarm 126, as later paragraphswill explain.) The agent 132 may then view the live audio/video data 140to help determine whether the alarm 126 represents a true emergencycondition. Exemplary embodiments also allow the agent 132 to establishan IMS session 141 and/or initiate a Voice-over Internet Protocol(“VoIP”) call 142 over the packet data network 104 to further helpverify that the alarm 126 is legitimate. The homeowner may be contactedat any location, so the homeowner need not be physically located in thehome. If the alarm is a legitimate security concern, then the agent maysummon emergency help.

No seizure of a telephone is thus needed. The packet data network 104 isused to notify the central monitoring station 102, to send the liveaudio/video data 140, to establish the IMS session 141, and to route thepacketized Voice-over Internet Protocol call 142. The security system100 has thus not seized a telephone line 144 to a Public-SwitchedTelephone Network 146. That is, a customer's traditional, plain-oldtelephone system line 144 is unused and remains available to dial “911”to obtain emergency help. Exemplary embodiments thus allow the customerto converse with the agent 132 at the central monitoring station 102(using the IMS session 141 and/or the Voice-over Internet Protocol call142) while simultaneously using the conventional telephone line 144 tocall police, fire, or other emergency services 148.

The IMS session 141 allows sharing of multi-media. The IP MultimediaSubsystem (IMS) is an architectural framework for delivering InternetProtocol (IP) multimedia services. IMS was originally designed by thewireless standards body “3rd Generation Partnership Project” (or “3GPP”)as an evolution of mobile networks. IMS uses IETF protocols, such asSession Initiation Protocol (SIP). Because 3GPP IP Multimedia Subsystem(IMS) Core and Web Services are known to those of ordinary skill in theart, no detailed explanation is needed.

FIGS. 2-4 are more detailed schematics illustrating the exemplaryembodiments. When the client-side security application 122 detects analarm condition 160 from one of the sensors 108, the client-sidesecurity application 122 instructs the processor 120 to retrieve the IPalarm notification address 130 from the memory 124. The IP alarmnotification address 130 is an IP address at which the centralmonitoring station 102 receives alarm messages fromcustomers/subscribers of an alarm monitoring service. The IP alarmnotification address 130 may be preloaded into the memory 124, and theIP alarm notification address 130 may be changed after a software updateto the client-side security application 122. The client-side securityapplication 122 then generates the alarm message 128. The alarm message128 may include data that uniquely identifies the customer's accountand/or a network IP address 162 associated with the security system 100and/or the alarm controller 106. The alarm message 128 may also includedata that describes the alarm condition 160, such as an alarm code 164associated with the sensor 108. The alarm message 128 may also includeinformation describing the customer and/or the customer's physicalstreet address. Whatever data is included in the alarm message 128, thedata is packetized according to a packet protocol 166. Once the alarmmessage 128 is formatted and ready, the processor 120 sends the alarmmessage 128 to the IP alarm notification address 130 associated with thecentral monitoring station 102.

Any packet protocol 166 is suitable. As those of ordinary skill in theart understand, sometimes information is packetized (or “framed”) foruse in packet packet data networks. The information is grouped intopackets according to the packet protocol 166. As those of ordinary skillin the art also understand, there are many packet protocols. Some of themore well-known packet protocols include TCP/IP, IPX/SPX, AppleTalk, andSNA. Some standards organizations, such as the I.E.E.E., issue standardsfor packetizing data. Some networks are “mixed.” That is, the networkreceives and handles packets of differing protocols, and a “translator”determines the particular packet protocol and the appropriatedestination for each packet. Because the basics of packetizing andpacket protocols are well-known, this disclosure will not furtherexplain the packetizing of the alarm message 128.

FIG. 3 is a detailed schematic illustrating receipt of the alarm message128. The alarm message 128 routes from the alarm controller 106, throughthe packet data network 104, and to a security server 170 at the centralmonitoring station 102. The security server 170 has a processor 172(e.g., “μP”), application specific integrated circuit (ASIC), or othercomponent that executes a server-side security application 174 stored ina memory 176. The server-side security application 174 and theclient-side security application 122 cooperate in a client-serverenvironment to notify of alarms from the security system 100.

When the security server 170 receives the alarm message 128, theserver-side security application 174 obtains any data associated withthe alarm message 128. The server-side security application 174, forexample, retrieves the network IP address 162 associated with thesecurity system 100 and/or the alarm controller 106. The network IPaddress 162, for example, may be extracted from one or more headerportions 178 and/or from a payload portion 180 of the packetized alarmmessage 128. Regardless, the server-side security application 174 maythen assign the human or computerized agent (illustrated as referencenumeral 132 in FIG. 1) to the alarm condition 160. The server-sidesecurity application 174 may call or invoke a software module orsubroutine that selects the available agent 132 from a pool of agents.However the agent 132 is chosen, the agent 132 may then have authorityto contact police, fire, and other emergency services. Before the agentsummons emergency help, though, the agent 132 may first want to verifythat the alarm condition 160 is legitimate and not a “false” alarm.

The cameras 110 may help. Even though the alarm message 128 has beenreceived, the agent 132 may first want to view live or archived videodata before summoning emergency services. The agent 132, then, mayinstruct his or her computer terminal 182 to send a video request 184 tothe alarm controller 106. The video request 184 routes over the packetdata network 104 to the network IP address 162 associated with the alarmcontroller 106. When the client-side security application 122 receivesthe video request 184, the client-side security application 122retrieves live video data 186 from at least one of the cameras 110. Theclient-side security application 122 instructs the alarm controller 106to send the live video data 186 to a terminal IP address 188 associatedwith the agent's computer terminal 182. The agent's computer terminal182 has a video processor that displays the live video data 186 on adisplay device (the video processor and the display device are not shownfor simplicity). The agent 132 may view the live video data 186 to helpdetermine whether the alarm condition 160 is legitimate. If the livevideo data 186 indicates a fire, attack, or other legitimate securityconcern, then the agent 132 may immediately summon police, fire, and/orother emergency services.

Permissions may need to be established. If multiple cameras are presentin the customer's home, the customer may not want the agent to haveaccess to all cameras. That is, there may be some camera outputs thatare “off limits” and not accessible. A bedroom security camera, forexample, may be configured as “private,” not shared, and perhaps notarchived. The homeowner/customer may thus establish a policy to managewhich camera outputs are available to the central monitoring stationduring an alarm condition. The client-side security application 122 maybe configured to permit, or deny, remote access to any output of anycamera 110 according to user and/or the user's location. If a user hasacceptable authentication credentials (e.g., username and password), butan unacceptable location (such as GPS coordinates), then the client-sidesecurity application 122 may deny access to video and any other feature.Some camera output may be associated with public permissions, whileother camera output may be associated with specific authenticationcredentials.

FIG. 4 illustrates the IMS session 141. The IMS session 141 isestablished between the agent's computer terminal 182 and the customer142. Even though the agent (illustrated as reference numeral 132 inFIG. 1) may view the live video data 186, the agent 132 may still wantfurther verification. The agent 132 may thus establish the IMS session141 over the packet data network 104 to the owner or occupant to furtherhelp verify that the alarm condition 160 is legitimate. The agent mayestablish an IMS SIP session with the customer by placing a call to thecustomer's ten digit home phone number, cell phone number, or othercommunications device 202. If the customer has an IMS SIP capabledevice, then the IMS SIP session 141 is established between the agentand the customer. The IMS SIP session 141 enables the agent and thecustomer to talk and to simultaneously access the live video data 186from one or more cameras in the customer's home (later paragraphs willexplain how stored, archived video may also be retrieved). Under thisscenario the IMS SIP session 141 may be carried end-to-end over thepacket data network 104. If the customer does not have an IMS SIPcapable device, then the call may pass through a Media Gateway in thenetwork 104 and may be converted to a circuit switched voice call, thusallowing the customer to answer the call on a PSTN telephone. In manysituations, however, VoIP technology may be used. The agent may use aVoIP soft phone client on their work station to place a voice call tothe customer. The security system 100 in the customer's home may haveVoIP phone capability which is integrated with a two-way intercomsystem. This capability will allow the customer to answer the incomingVoIP call 142 through the intercom system using VoIP technology. Theserver-side security application 174 may place or arrange the VoIP callto the customer (such as the customer's communications device 202). Ifthe customer has VoIP service, then the customer will answer the VoIPcall 142 with a VoIP phone. Under this scenario the voice communicationbetween the agent and the customer may again be carried over the packetdata network 104. The IMS SIP session 141 allows the agent 132 to askquestions and to further evaluate the alarm condition 160. If the IMSSIP session 141 confirms that a legitimate security concern exists, thenthe agent 132 may immediately summon police, fire, and/or otheremergency services. The agent may also choose to add a police, fire ormedical person to the IMS SIP session, so that the agent, customer andpolice, fire or medical person can simultaneously talk and accessvideo/audio from the customer's home.

The IMS session 141 and/or the VoIP call 142 may route to the customer'scommunications device 202. The server-side security application 174 mayassociate the network IP address 162 to the customer's notificationaddress 200. The customer's notification address 200 may be a telephonenumber and/or IP address to which the agent's computer terminal 182calls to verify the alarm condition 160. The customer's notificationaddress 200 may be associated with a cell phone, PSTN phone, computer,or any other communications device 202. The server-side securityapplication 174, for example, queries a data table 204 that is stored inthe memory 176 of the security server 170. The data table 204 maps,relates, or otherwise associates the network IP address 162 to thenotification address 200. The server-side security application 174retrieves the notification address 200 that is associated with thenetwork IP address 162. The notification address 200 may be anyhexadecimal address and/or a more common telephone number. Thenotification address 200 may be formatted, for example, according to theIPv4 or IPv6 specification. Once the notification address 200 isretrieved, the agent's computer terminal 182 establishes a call orsession with the notification address 200. The agent's computer terminal182 may call or invoke a Voice-over Internet Protocol (“VoIP”)application 206. The VoIP application 206 is a software module orroutine that establishes the Voice-over Internet Protocol call 142 tothe notification address 200. The Voice-over Internet Protocol call 142routes as packets of data over the packet data network 104 to thenotification address 200 associated with the communications device 202.The notification address 200 may even be associated with the alarmcontroller 106, thus allowing the agent (illustrated as referencenumeral 132 in FIG. 1) to call the alarm controller 106 itself.Regardless, the agent 132 may then further ascertain the alarm condition160 detected by the security system 100. The Voice-over InternetProtocol call 142 allows the agent 132 to ask questions and to furtherevaluate the alarm condition 160. If the Voice-over Internet Protocolcall 142 confirms that a legitimate security concern exists, then theagent 132 may immediately summon police, fire, and/or other emergencyservices.

FIG. 5 is a schematic illustrating archival video data, according toexemplary embodiments. Even though the agent (illustrated as referencenumeral 132 in FIG. 1) may view the live video data 186, the agent 132may also request and receive older, archived video data. FIG. 5, forexample, illustrates a video database 220. As the one or more cameras110 capture the live video data 186, the client-side securityapplication 122 may instruct the alarm controller 106 to store the livevideo data 186 in the video database 220. The video database 220 thusbuilds up, over time, archival video data 222. The video database 220may thus be used to reveal important archival video data 222 of eventsthat preceded a fire, burglary, or other emergency situation.

FIG. 5 illustrates a local architecture for the video database 220,according to exemplary embodiments. The video database 220 is locallymaintained in a local or home network that is shared with the alarmcontroller 106. That is, any video data captured by the cameras 110 isstored in a home or business network that communicates with the alarmcontroller 106. Because the video data is locally captured and stored,the video data need not be sent to a remote storage location via theInternet. Upstream bandwidth consumption is thus reduced or not needed.The video database 220, however, may be remotely located from the alarmcontroller 106, but excessive bandwidth may be needed to upload videodata. Regardless, the video database 220 may store the video data on aFIFO (“first in, first out”) basis, with each camera 110 having adedicated memory space or partition. An alternate storage scheme mayused, though, such as a “last in, first out” (or “LIFO”) basis to speedrecovery of the most recent footage. The video database 220 may alsostore data as a loop that is overwritten after a predetermined time(such as multiple days or weeks, although a two or three day time periodmay be adequate for most customers). The video database 220 may alsodate and time stamp the video data to help indexing and retrievalefforts.

However the video database 220 is configured, the agent's computerterminal 182 may request archival footage. The agent 132 instructs hisor her computer terminal 182 to send an archival video request 224 tothe alarm controller 106. The archival video request 224 routes over thepacket data network 104 to the network IP address 162 associated withthe alarm controller 106. When the client-side security application 122receives the archival video request 224, the client-side securityapplication 122 instructs the video database 220 to retrieve the olderarchival video data 222 and to send the older archival video data 222 tothe terminal address (illustrated as reference numeral 188 in FIG. 3)associated with the agent's computer terminal 182. The agent's computerterminal 182 displays the older archival video data 222, thus allowingthe agent (illustrated as reference numeral 132 in FIG. 1) to see whatevents transpired prior to the alarm condition 160. The older archivalvideo data 222 may reveal the cause of a fire, the face of an intruder,or other information that legitimates the alarm condition 160.

FIG. 6 is a schematic illustrating camera zones, according to exemplaryembodiments. Because there may be multiple cameras 110 in a home orbusiness, the live video data 186 may consume too much bandwidth in thepacket data network 104. If the client-side security application 122attempts to send live video data 186 from three (3) different cameras110, for example, the live video data 186 may likely create or encountercongestion in the packet data network 104. Delivery to the agent'scomputer terminal 186 may be delayed, or delivery may even fail. Delayor failure may be unacceptable.

Exemplary embodiments, then, may reduce bandwidth consumption. When thealarm condition 160 is detected, the alarm condition 160 may identifythe alarm code 164 associated with the sensor 108 that triggered thealarm condition 160. Suppose the alarm code 164 is associated with afront door sensor. Video data of the front door is thus most relevant.Video data of a back door may be less helpful. Bandwidth may thus bereduced by only sending the live video data 186 from a camera aimed atthe front door. Video data of the back door may contribute to congestionand delay delivery of the more-important front door video data.

The client-side security application 122 may then associate the alarmcode 164 to a particular one (or more) of the cameras 110. When theclient-side security application 122 receives the alarm code 164associated with the sensor 108 that triggered the alarm condition 160,the client-side security application 122 may select only the mostrelevant video data. The client-side security application 122, forexample, may query a camera table 230 that is stored in the memory(illustrated as reference numeral 124 in FIGS. 1 & 2) of the alarmcontroller 106. The camera table 230 maps, relates, or otherwiseassociates the alarm code 164 to a camera number 232. Each of thecameras 110 is uniquely identified with the camera number 232. Eachcamera number 232 may be any alpha-numeric identifier. The client-sidesecurity application 122 retrieves the camera number 232 that isassociated with the alarm code 164. When the client-side securityapplication 122 receives the video request 184, the client-side securityapplication 122 may then retrieve only the live video data 186associated with the retrieved camera number 232. The client-sidesecurity application 122 instructs the alarm controller 106 to send onlythe live video data 186 associated with the camera number 232 to theagent's computer terminal 182. Because only the relevant video data issent, less bandwidth is needed.

Any video data, from any camera 110, is also available. Even though theclient-side security application 122 may initially send only live videodata 186 associated with the camera number 232, the agent (illustratedas reference numeral 132 in FIG. 1) may request video data from anycamera 110. After the agent 132 views the live video data 186 from thecamera number 232 associated with the alarm code 164, the agent 132 maywant video data from other cameras. When agent's computer terminal 182sends a subsequent video request 184, the agent may specify output froma particular camera number 232. The client-side security application 122retrieves the live video data 186 associated with the requested cameranumber 232 and sends the requested live video data 186 to the terminalIP address 188 associated with the agent's computer terminal 182.

Zones may also be used. When the alarm condition 160 is detected, thealarm condition 160 may identify the alarm code 164 associated with thesensor 108 that triggered the alarm condition 160. The client-sidesecurity application 122 may then query the camera table 230 for thezone and for the associated camera number 232. The client-side securityapplication 122 may then retrieve only the live video data 186associated with the retrieved camera number 232. Exemplary embodimentsmay thus enable communication of the specific sensor that triggered thealarm.

FIG. 7 is a schematic illustrating archival camera zones, according toexemplary embodiments. Here the camera table 230 may also be used toretrieve the archival video data 222 associated with a particular cameranumber 232. Once the alarm code 164 is known, the client-side securityapplication 122 queries the camera table 230 for the camera number 232associated with the alarm code 164. The client-side security application122 retrieves the camera number 232 and instructs the video database 220to retrieve the archival video data 222 associated with the cameranumber 232. The video database 220 may then send the archival video data222 to the terminal IP address 188 associated with the agent's computerterminal 182. The agent's computer terminal 182 displays the olderarchival video data 222, thus allowing the agent 132 to see what eventspreceded the alarm condition 160.

FIG. 8 is a schematic illustrating audio data, according to exemplaryembodiments. The alarm system 100 may include one or more microphonesthat capture real-time, live audio data 240. The live audio data 240 maybe sent to the agent's computer terminal 182 to help the agent(illustrated as reference numeral 132 in FIG. 1) evaluate the emergencysituation. The live audio data 240 may also be stored in an audio server242 to provide a long-term repository of audio data. The audio server242 is again illustrated as being locally maintained in the customer'slocal network to reduce bandwidth consumption. The audio server 242 maystore the video data on a FIFO (“first in, first out”) or LIFO (“lastin, last out”) basis, with each microphone 112 having a dedicated memoryspace or partition. The audio server 242 may also store the live audiodata 240 as a loop that is overwritten after a predetermined time, andthe audio server 242 may also date and time stamp the audio data 240 tohelp indexing and retrieval efforts. FIG. 8 also illustrates amicrophone table 244 modified to also associate the alarm code 164 to aunique microphone number 246. When the client-side security application122 receives an audio request 248, the client-side security application122 may then retrieve only the live audio data 240 associated with themicrophone number 246. The client-side security application 122 may alsoinstruct the audio server 242 to retrieve archived audio data 250associated with the microphone number 246. Both the live audio data 240and the archived audio data 250 may thus be sent to the terminal IPaddress 188 associated with the agent's computer terminal 182. The liveaudio data 240 and the archived audio data 250 allows the agent 132 tohear what events preceded the alarm code 164.

FIGS. 9 and 10 are schematics illustrating remote notification ofalarms, according to exemplary embodiments. FIG. 9 illustrates theclient-side security application 122 notifying any third party of thealarm condition 160 detected by the security system 100. When the alarmcontroller 106 detects the alarm condition 160, the client-side securityapplication 122 may access a list 260 of notification addresses. Thelist 260 of notification addresses is illustrated as being locallystored in the alarm controller 106, but the list 260 of notificationaddresses may be remotely accessed and retrieved via the packet datanetwork 104. The list 260 of notification addresses storescommunications addresses which are notified of the alarm condition 160detected by the security system 100. Each entry in the list 260 ofnotification addresses may be a telephone number, I.P. address, emailaddress, pager address, or any other communications address. Theclient-side security application 122 formats an alarm notification 262,and the alarm notification 262 may include information describing thealarm condition 160 (such as the alarm code 164, a physical streetaddress, and any other information). The client-side securityapplication 122 then sends the alarm notification 262 to each entry inthe list 260 of notification addresses. FIG. 9 illustrates the alarmnotification 262 communicating via the packet data network 104 to athird party communications device 264 associated with one of thenotification addresses. The client-side security application 122 maythus notify friends, neighbors, a spouse, children, and anycommunications addresses in the list 260 of notification addresses.

FIG. 10 illustrates the server-side security application 174 notifyingthird parties. When the server-side security application 174 receivesthe alarm message 128, here the server-side security application 174accesses the list 260 of notification addresses. The list 260 ofnotification addresses is illustrated as being locally stored in thesecurity server 170, but the list 260 of notification addresses may beremotely accessed and retrieved via the packet data network 104. Theserver-side security application 174 formats the alarm notification 262and sends the alarm notification 262 to each entry in the list 260 ofnotification addresses. FIG. 10 also illustrates the alarm notification262 communicating via the packet data network 104 to the third partycommunications device 264 associated with one of the notificationaddresses.

FIGS. 11 and 12 are schematics illustrating alarm conferences, accordingto exemplary embodiments. When the alarm condition 160 is detected,exemplary embodiments may establish a conference 270 with a remotecommunications device 272. FIG. 11, for example, illustrates asessions-based conference that utilizes the packet data network 104.When the alarm controller 106 detects the alarm condition 160, theclient-side security application 122 may access a list 274 of conferenceaddresses. The list 274 of conference addresses is illustrated as beinglocally stored in the alarm controller 106, but the list 274 ofconference addresses may be remotely accessed and retrieved via thepacket data network 104. The list 274 of conference addresses storescommunications addresses which are joined to a shared communicationssession (such as a Voice-over Internet Protocol conference call, a videoconference, or even a text conference). The client-side securityapplication 122 calls or invokes a conference application 276 thatestablishes the conference 270. The conference application 276 isillustrated as being locally stored in the alarm controller 106, but theconference application 276 may be remotely accessed via the packet datanetwork 104. The conference application 276, for example, may be aservice offered by a service provider. Regardless, the conferenceapplication 276 establishes a common session with one or more of thecommunications addresses in the list 274 of conference addresses. Oncethe conference 270 is established, the client-side security application122 cooperates with the conference application 276 to send the livevideo data 186, the archived video data 222, the live audio data 240,and/or the archived audio data 250 to a conference participantassociated with the remote communications device 272. The conferenceparticipant is thus able to receive real-time and archived audio andvideo data of the emergency situation.

FIG. 12 is similar but illustrates the agent's computer terminal 182 asa conference participant. Here the server-side security application 174may cooperate with the conference application 276 and/or the client-sidesecurity application 122 to establish the conference 270 between theagent's computer terminal 182 and any of the communications addresses inthe list 274 of conference addresses. Once the conference 270 isestablished, the live video data 186, the archived video data 222, thelive audio data 240, and/or the archived audio data 250 may be sharedbetween the agent's computer terminal 182 and the remote communicationsdevice 272. The agent (illustrated as reference numeral 132 in FIG. 1)and the conference participant are thus able to receive real-time andarchived audio and video data of the emergency situation. The agent 132and the conference participant may thus jointly view the video anddiscuss the alarm condition 160 detected by the security system 100.

FIG. 13 is a schematic illustrating remote monitoring of the securitysystem 100, according to exemplary embodiments. Here the client-sidesecurity application 122 may be configured to permit remote access. Theclient-side security application 122, for example, may include a webinterface 300 that permits a remote user to login and download a webpage302. The webpage 302 may include a graphical user interface (“GUI”) 304that visually presents raw sensor output data 306 from any of thesensors (illustrated as reference numeral 108 in FIGS. 1-2). Thegraphical user interface 304 may also present a summary status 308 thatpresents a current or historical status of the security system 100. Thegraphical user interface 304 may also include data or links to cameraoutput 310 from any of the cameras 110 and/or microphone output 312 fromany of the microphones 112. The graphical user interface 304 may thuspermit the remote user to download the live video data 186 from any ofthe cameras 110 and/or the live audio data 240 from any of themicrophones 112. The graphical user interface 304 may also provide linksor access to the video database 220, thus permitting the remote user todownload the archived video data 222. The graphical user interface 304may also provide links or access to the audio server 242 to download thearchived audio data 250.

FIGS. 14 and 15 are schematics illustrating remote activation of thesecurity system 100, according to exemplary embodiments. Here the remoteuser may remotely trigger or activate the security system 100. As theremote user views the live video data 186, for example, the remote usermay observe an emergency situation. If no sensor detects the emergency,then the security system 100 may not trigger the alarm condition 106.Here, though, the remote user may instruct the alarm controller 106 tomanually trigger the alarm condition 160. FIG. 14, then, illustrates thegraphical user interface 304 that presents the live video data 186 fromone of the cameras 110. The live video data 186 is downloaded anddisplayed in a window portion 330 of the graphical user interface 304.If the live video data 186 reveals suspicious activity, the remote usermay place a cursor 332 and select an alarm control button 334. When theremote user selects the alarm control button 334, the graphical userinterface 304 may display an emergency dialog box 336. The emergencydialog box 336 may include a message field 338 for the remote user tomanually enter text explaining the emergency event. Once the text isentered, the remote user selects a SEND ALARM MESSAGE control button340.

FIG. 15 illustrates a manually created alarm message 350 that is sent tothe security server 170. When the remote user selects the SEND ALARMMESSAGE control button 340, the remote user's device 352 sends themanually-created alarm message 350. The manually-created alarm message350 routes along the packet data network 104 to the IP alarmnotification address 130 associated with the security server 170. Whenthe server-side security application 174 receives the manually createdalarm message 350, the server-side security application 174 may summonemergency services. The manually created alarm message 350 may includeinformation that describes the security system 100, the physical addressassociated with the security system 100, and the text entered into themessage field 338 of the emergency dialog box 336.

FIGS. 16 and 17 are schematics illustrating remote cancellation of thesecurity system 100, according to exemplary embodiments. Here the thirdparty remote user may cancel, or deactivate, the alarm condition 160 toavoid “false” alarms. When the alarm condition 160 is detected, theclient-side security application 122 and/or the server-side securityapplication 174 may provide remote notification of alarms (as FIGS. 9and 10 illustrated). Suppose, for example, that the remote user isnotified of the alarm condition 160. The remote user may immediatelylogin to the client-side security application 122 (via the web interface300), download the graphical user interface 304, and link to or downloadreal-time and archived audio and/or video data. The remote user maydecide, after reviewing the video data, that a “false” alarm hasoccurred. The graphical user interface 304 may include a CANCEL ALARMcontrol button 370. When the remote user selects the CANCEL ALARMcontrol button 370, FIG. 17 illustrates a cancellation message 372 thatis sent to the client-side security application 122 and/or theserver-side security application 174 (via the packet data network 104).The cancellation message 372 may cause the client-side securityapplication 122 to cancel the alarm condition 160. The cancellationmessage 372 may also cause the server-side security application 174 toinform the agent (illustrated as reference numeral 132 in FIG. 1) of thefalse alarm. The cancellation message 372 may thus help the remote useravoid a governmental fee for an emergency dispatch.

FIG. 18 is another schematic illustrating remote monitoring of thesecurity system 100, according to exemplary embodiments. Here theclient-side security application 122, and/or the server-side securityapplication 174, may include other remote access features. Theclient-side security application 122, for example, may include an IVRinterface 380 that receives and interprets voice commands. A remote usermay dial a phone number that provides telephony access to theclient-side security application 122. The IVR interface 380 interpretsspoken commands that permit remote activation and deactivation ofalarms. The IVR interface 380 may also respond to audible configurationcommands. FIG. 18 also illustrates a DTMF interface 382. The DTMFinterface 382 accepts and responds to dual-tone multi-frequency (“DTMF”)inputs that permit remote configuration, remote activation, and remotedeactivation. As FIG. 18 also illustrates, the server-side securityapplication 174 may also include the IVR interface 380 and/or the DTMFinterface 382.

FIG. 19 is a schematic illustrating personalized alerts, according toexemplary embodiments. Here the client-side security application 122 maysend updates and alerts to keep a user informed of the status of thesecurity system 100. As the alarm controller 106 receives sensor datafrom the sensors 108, the client-side security application 122 mayaccess a set 400 of rules. The set 400 of rules is illustrated as beinglocally stored in the alarm controller 106, but the set 400 of rules maybe remotely accessed and retrieved via the packet data network 104. Theset 400 of rules stores one or more logical rules that determine when anaction is taken. Here the logical rules may describe personalizedalerts. One such rule, for example, may be a heat rule. When theclient-side security application 122 receives information indicating aheat sensor is detecting temperatures above a threshold temperature,then the client-side security application 122 may instruct the alarmcontroller 106 to send an alert message 402 to an alert address 404. Theheat rule may also instruct the client-side security application 122 todownload a local weather forecast associated with the physical addressof the alarm controller 106. The heat rule would then instruct theclient-side security application 122 to include the local weatherforecast in the alert message 402. If glass breakage is detected,another rule may instruct the client-side security application 122 todownload businesses that repair glass and to include the businesses inthe alert message 402. If smoke is detected, yet another rule mayinstruct the client-side security application 122 to download businessesthat repair smoke damage and to include the businesses in the alertmessage 402. Other rules may be configured to provide any informationdesired.

FIGS. 20-23 are even more detailed schematics illustrating the exemplaryembodiments. FIG. 20 illustrates the selection of a network connectionto the packet data network 104. When the client-side securityapplication 122 detects the alarm condition 160 from one of the sensors108, the client-side security application 122 must connect to the packetdata network 104 to send the alarm message 128 to the central monitoringstation 102. If the client-side security application 122 cannot connectto the packet data network 104, then the client-side securityapplication 122 may utilize other notification architectures (as laterparagraphs will explain).

FIG. 20, then, illustrates two (2) different, simultaneous connectionsto the packet data network 104. The client-side security application 122may send the alarm message 128 over a wireline broadband networkconnection 500 to the packet data network 104. The client-side securityapplication 122 may also send the alarm message 128 over a wirelessnetwork connection 502 to the packet data network 104. While exemplaryembodiments may send the alarm message over both the wireline broadbandnetwork connection 500 and the wireless network connection 502,exemplary embodiments may prefer the wireline broadband networkconnection 500 over the wireless network connection 502. Even thoughtechnological advances may continually improve wireless data rates(e.g., bits per second), it is likely that the wireline broadbandnetwork connection 500 will be “faster” than the wireless networkconnection 502. That is, the wireline broadband network connection 500may usually have a greater data rate than the wireless networkconnection 502. The client-side security application 122 may thus preferto send the alarm message 128 over the fastest connection to the packetdata network 104 to obtain emergency help as fast as possible. Thefaster wireline broadband network connection 500 may also providegreater clarity for the Voice-over Internet Protocol call (illustratedas reference numeral 124 in FIG. 1).

The two (2) different connections also provide redundancy. The wirelinebroadband network connection 500 and the wireless network connection 502help ensure that the central monitoring station 102 has two-waycommunications capabilities with the security system 100. Even thoughthe wireline broadband network connection 500 may be preferable, thewireless network connection 502 provides a back-up, alternativeconnection to the packet data network 104.

The client-side security application 122 may thus continually monitorthe status of the wireline broadband network connection 500 and thewireless network connection 502. When the alarm condition 160 isdetected, the client-side security application 122 may first determinewhether the wireline broadband network connection 500 to the packet datanetwork 104 is available. When the wireline broadband network connection500 is available, the client-side security application 122 routes thealarm message 128 over the wireline broadband network connection 500 tothe IP alarm notification address 130 associated with the centralmonitoring station 102. When, however, the wireline broadband networkconnection 500 is unavailable, the client-side security application 122routes the alarm message 128 over the wireless network connection 502 tothe IP alarm notification address 130. Regardless, when the centralmonitoring station 102 receives the alarm message 128, the centralmonitoring station 102 may summon emergency services, as earlierparagraphs explained.

FIG. 21 is a detailed schematic illustrating the wireline broadbandnetwork connection 500, according to exemplary embodiments. The alarmcontroller 106 communicates with a broadband data modem 504. Thebroadband data modem 504 communicates with the packet data network 104.The broadband data modem 504 modulates and/or demodulates data that issent to, and received from, the packet data network 104. The broadbanddata modem 504 is well known to those of ordinary skill in the art, sothe architecture and operating principles of the broadband data modem504 need not be discussed. The broadband data modem 504 may beaddressable, so the broadband data modem 504 may have a unique or sharedbroadband modem address 506. When the alarm condition 160 is detected,and when the wireline broadband network connection 500 is available, theclient-side security application 122 may route the alarm message 128over the wireline broadband network connection 500 to the packet datanetwork 104.

FIG. 22 is a detailed schematic illustrating the wireless networkconnection 502, according to exemplary embodiments. The alarm controller106 also communicates with a wireless data modem 520. The wireless datamodem 520 also communicates with the packet data network 104. FIG. 22illustrates a cellular architecture, in which the wireless data modem520 uses cellular technology to communicate with the packet data network104. The wireless data modem 520 sends and receives data to an antenna522 of a base station transceiver 524. The base station transceiver 524communicates with a mobile telephone switching office (“MTSO”) 526, andthe mobile telephone switching office 526 has a data link to the packetdata network 104. The wireless data modem 520 modulates and/ordemodulates the signals that are received and sent via the base stationtransceiver 524. The wireless data modem 520 is again well known tothose of ordinary skill in the art, so the wireless data modem 520 neednot be discussed in more detail. The wireless data modem 520 may beaddressable, so the wireless data modem 520 may also have a unique orshared wireless modem address 528. When the alarm condition 160 isdetected, then the client-side security application 122 may route thealarm message 128 over the wireless network connection 502 to the packetdata network 104.

FIG. 23 is a more detailed schematic illustrating receipt of the alarmmessage 128. The alarm message 128 may route over the wireline broadbandnetwork connection 500 to the packet data network 104, or the alarmmessage 128 may route over the wireless network connection 502 to thepacket data network 104. However the alarm message 128 routes, thesecurity server 170 at the central monitoring station 102 receives thealarm message 128. The server-side security application 174 may thenestablishe the Voice-over Internet Protocol call 142.

FIG. 23, though, illustrates the Voice-over Internet Protocol call 142routing back to the alarm controller 106. Because the alarm controller106 maintains two-way communications capabilities with the centralmonitoring station 102, the alarm controller 106 may have the capabilityto conduct the Voice-over Internet Protocol call 142. That is, the alarmcontroller 106 includes circuitry, componentry, and programming toconduct the Internet Protocol call 142 with the central monitoringstation 102. The alarm controller 106, for example, may include amicrophone, speaker, and/or other components that function to processthe Voice-over Internet Protocol call 142.

The server-side security application 174 may thus initiate theVoice-over Internet Protocol call 142 to the alarm controller 106. Whenthe server-side security application 174 obtains the network IP address162 from the alarm message 128, the server-side security application 174may establish the Voice-over Internet Protocol call 142 to the alarmcontroller 106. The server-side security application 174 calls orinvokes the Voice-over Internet Protocol (“VoIP”) application 206 toestablish the Voice-over Internet Protocol call 142 to the network IPaddress 162 associated with the alarm controller 106. A user at thealarm controller 106 may then converse with the computerized or humanagent (illustrated as reference numeral 132 in FIG. 1).

FIG. 24 is a detailed schematic illustrating the Voice-over InternetProtocol call 142 routing over the wireline broadband network connection500, according to exemplary embodiments. When the server-side securityapplication 174 initiates the Voice-over Internet Protocol call 142 tothe alarm controller 106, the server-side security application 174 mayprefer the fastest network connection that is available. Because thewireline broadband network connection 500 may usually have a greaterdata rate, the client-side security application 122 may thus prefer toroute the Voice-over Internet Protocol call 142 over the wirelinebroadband network connection 500 to the broadband modem address 506associated with the broadband data modem 504. The Voice-over InternetProtocol call 142 then routes from the broadband data modem 504 to thenetwork IP address 162 associated with the alarm controller 106. Theclient-side security application 122 then calls or invokes theVoice-over Internet Protocol (“VoIP”) application 206 to establish theVoice-over Internet Protocol call 142 with the central monitoringstation 102. A user at the alarm controller 106 may then converse withthe computerized or human agent 132.

FIG. 25 is a detailed schematic illustrating the Voice-over InternetProtocol call 142 routing over the wireless network connection 502,according to exemplary embodiments. When the server-side securityapplication 174 initiates the Voice-over Internet Protocol call 142 tothe alarm controller 106, the server-side security application 174 mayprefer the faster wireline broadband network connection (illustrated asreference numeral 500 in FIG. 21). When the wireline broadband networkconnection 500 is unavailable, though, the server-side securityapplication 174 may utilize the wireless network connection 502. Eventhough the wireless network connection 502 may be “slower” (e.g., alesser bit rate), even the available data rates from today's cellularnetworks are adequate to conduct the Voice-over Internet Protocol call142. So, when the wireline broadband network connection 500 isunavailable, the server-side security application 174 may route theVoice-over Internet Protocol call 142 to the wireless modem address 528associated with the wireless data modem 520. The Voice-over InternetProtocol call 142 then routes from the wireless data modem 520 to thenetwork IP address 162 associated with the alarm controller 106. Theclient-side security application 122 then calls or invokes theVoice-over Internet Protocol (“VoIP”) application 206 to establish theVoice-over Internet Protocol call 142 with the central monitoringstation 102. The user at the alarm controller 106 may then converse withthe computerized or human agent 132.

FIG. 26 is a schematic illustrating other architectures for the wirelessnetwork connection 502, according to exemplary embodiments. FIG. 22illustrated a cellular architecture, in which the wireless data modem520 used cellular technology to communicate with the packet data network104. FIG. 26 illustrates that any wireless architecture may be used toestablish a wireless communications link 540 between the alarmcontroller 106 and the packet data network 104. The alarm controller106, for example, may establish a BLUETOOTH®, WI-FI®, or any otherwireless connection with the packet data network 104. Any frequencywithin the electromagnetic spectrum may also be used.

FIGS. 27-29 are more detailed schematics illustrating the exemplaryembodiments. FIG. 27 illustrates a polling scheme to determine thestatus of the wireline broadband network connection 500 and the wirelessnetwork connection 502. The server-side security application 174 mayperiodically send polling messages to the alarm controller 106. Becausethe alarm controller 106 has the two (2) different network connections(the wireline broadband network connection 500 and the wireless networkconnection 502), exemplary embodiments may poll for the availability ofeach network connection.

FIG. 27, for example, illustrates a polling message 550. The pollingmessage 550 routes from the server-side security application 174 intoand through the packet data network 104. The polling message 550 routesto the network IP address 162 associated with the alarm controller 106.When the alarm controller 106 receives the polling message 550, thealarm controller 106 sends a response 552. The response 552 communicatesthrough the packet data network 104 to the server-side securityapplication 174 operating in the security server 170. When the response552 is received, the server-side security application 174 knows orinfers that that the alarm controller 106 is online and communicating.

Even though the response 552 is received, the server-side securityapplication 174 does not know which network connection is available.Even though the alarm controller 106 is online and communicating, theserver-side security application 174 may not know whether the wirelinebroadband network connection 500 is available, or whether the back-upwireless network connection 502 was used to route the response 552.Which network connection is available may be important when routing theVoice-over Internet Protocol call (illustrated as reference numeral 142in FIG. 1) to the alarm controller 106.

FIGS. 28 and 29, then, illustrate two (2) different polling schemes.Here separate polling messages may be sent to the alarm controller 106.FIG. 28 illustrates a wireline polling message 560 routing from theserver-side security application 174, through the packet data network104, and downstream over the wireline broadband network connection 500to the network IP address 162 associated with the alarm controller 106.When the alarm controller 106 receives the wireline polling message 560,the alarm controller 106 sends a wireline response 562. The wirelineresponse 562 communicates upstream over the wireline broadband networkconnection 500, through the packet data network 104, and to theserver-side security application 174 operating in the security server170. When the wireline response 562 is received, the server-sidesecurity application 174 knows that the wireline broadband networkconnection 500 is online and available.

FIG. 29 illustrates a wireless polling message 570. The wireless pollingmessage 570 routes from the server-side security application 174,through the packet data network 104, and over the wireless networkconnection 502 to the network IP address 162 associated with the alarmcontroller 106. When the alarm controller 106 receives the wirelesspolling message 570, the alarm controller 106 sends a wireless response572. The wireless response 572 communicates over the wireless networkconnection 502 to the packet data network 104 and to the server-sidesecurity application 174 operating in the security server 170. When thewireless response 572 is received, the server-side security application174 knows that the wireless network connection 502 is online andavailable.

The reliability of the polling schemes illustrated in FIGS. 27-29depends on fresh information. If the polling scheme is infrequent, thenthe server-side security application 174 may not know the currentavailability of the alarm controller 106. Should the server-sidesecurity application 174 have to establish the Voice-over InternetProtocol call 142 to the alarm controller 106, outdated or staleinformation could delay the call 142. Exemplary embodiments may thusperiodically perform any of the polling schemes illustrated in FIGS.27-29. The server-side security application 174, for example, may sendthe wireline polling message 560 (illustrated in FIG. 28) and then waitfor receipt of the wireline response 562. After the wireline pollingmessage 560 is sent, the server-side security application 174 may sendthe wireless polling message 570 (illustrated in FIG. 29) and then waitfor receipt of the wireless response 572. The server-side securityapplication 174 may sequentially send the wireline polling message 560and then the wireless polling message 570 according to a predeterminedor random schedule. A timer may be initiated to countdown from apredetermined amount of time before a sequential polling message issent. If either response 562 and/or 572 is received, the timer may bereset and the predetermined or random schedule resumed.

Each response indicates status. When the server-side securityapplication 174 tests the availability of the wireline broadband networkconnection 500, the wireline response 562 indicates an available statusof the wireline broadband network connection 500. The wireless response572 similarly indicates that the wireless network connection 502 isonline and available. If a response is not received, though, theserver-side security application 174 may resend either the wirelinepolling message 560 and/or the wireless polling message 570. Theserver-side security application 174 may wait a predetermined amount oftime before resending either the wireline polling message 560 and/or thewireless polling message 570.

FIGS. 30 and 31 illustrate a reversion condition 580. If responses arenot received to the wireline polling message 560 or to the wirelesspolling message 570 (perhaps after one or multiple attempts), then theserver-side security application 174 may flag a communication error.That is, some type of network problem or error is preventing theserver-side security application 174 from communicating with theclient-side security application 122 operating in the alarm controller106. Here then the server-side security application 174 enters areversion condition 580. The server-side security application 174queries a reversion data table 582. The reversion data table 582 isillustrated as being locally stored in the security server 170, but thereversion data table 582 may be remotely stored and accessed via thepacket data network 104. The reversion data table 582 associates thenetwork IP address 162 of the alarm controller 106 to an emergencyaddress 584. The server-side security application 174 retrieves theemergency address 584 and sends an emergency message 586 to theemergency address 584. The emergency message 586 informs a human orcomputer application that communication has been lost with the alarmcontroller 106. Diagnostic or troubleshooting procedures may commence.

FIG. 31 illustrates an emergency PSTN telephone call 600. When theserver-side security application 174 fails to receive the wirelineresponse 562 and/or the wireless response 572 (illustrated,respectively, in FIGS. 28 and 29), here the server-side securityapplication 174 may enter a PSTN reversion condition 602. Theserver-side security application 174 again queries the reversion datatable 582. The server-side security application 174 retrieves anemergency telephone number 604 that is associated with the network IPaddress 162 of the alarm controller 106. The server-side securityapplication 174 calls or invokes a telephony application 606 andinitiates the call 600 to the emergency telephone number 604. Theemergency telephone call 600 is established along the plain oldtelephone system 146 to the emergency telephone number 604. Theemergency telephone call 600 alerts the emergency telephone number 604of a failed communication attempt to the network IP address 162 of thealarm controller 106.

FIG. 32 is a schematic further illustrating the polling scheme,according to exemplary embodiments. Here responses to polling messagesmay indicate a network path that was used to connect to the packet datanetwork 104. When the alarm controller 106 receives the wireline pollingmessage (illustrated as reference numeral 560 in FIG. 28), the alarmcontroller 106 sends the wireline response 562. Here, though, thewireline response 562 includes data or information that identifies thewireline broadband network connection 500. That is, the wirelineresponse 562 includes routing information 620 that indicates thewireline broadband network connection 500 was used to route the wirelineresponse 562 from the alarm controller 106 to the packet data network104. When the server-side security application 174 receives the wirelineresponse 562, the server-side security application 174 thus knows thatthe wireline broadband network connection 500 is online and available.

The wireless response 572 may also include the routing information 620.When the alarm controller 106 sends the wireless response 572, here therouting information 620 indicates that the wireless network connection502 was used to route the wireless response 572 from the alarmcontroller 106 to the packet data network 104. When the server-sidesecurity application 174 receives the wireless response 572, the routinginformation 620 informs the server-side security application 174 thatthe wireless network connection 502 is online and available.

FIG. 33 is a schematic illustrating a self-reporting feature, accordingto the exemplary embodiments. Here the client-side security application122 may periodically and automatically self-report its online status tothe security server 170. The client-side security application 122, forexample, may automatically send a wireline report message 630 over thewireline broadband network connection 500 to the packet data network104. The wireline report message 630 may include the routing information620 that indicates the wireline broadband network connection 500 isonline and available. The client-side security application 122 mayperiodically and automatically send a wireless report message 632 overthe wireless network connection 502 to the packet data network 104. Thewireless report message 632 may also include the routing information 620that indicates that the wireless network connection 502 is online andavailable. The client-side security application 122 may thus includeservice logic to simultaneously maintain packetized (e.g., InternetProtocol) communications with the central monitoring station 102 viaboth the wireline broadband network connection 500 and the wirelessnetwork connection 502. Network connectivity to each connection may beperiodically confirmed as needed or desired (such as multiple timesevery hour).

FIGS. 34 and 35 are schematics illustrating multiple alarm codes 640,according to exemplary embodiments. When the client-side securityapplication 122 detects the alarm condition 160, the client-sidesecurity application 122 sends the alarm message 128 to the IP alarmnotification address 130 associated with the security server 170. Thealarm message 128 may also include data that describes the alarmcondition 160, such as the alarm code 164 associated with the sensor108. FIG. 34, though, illustrates multiple alarm codes 640. When acatastrophic, emergency event occurs, multiple sensors may detectmultiple alarm conditions. A fire, for example, may be detected by aheat sensor and by a smoke sensor. If a window breaks (perhaps due tothe heat or an impact), a sound sensor may detect the sonic frequenciesof breaking glass. The alarm message 128, then, may include informationthat describes the multiple alarm codes 640 (e.g., heat sensor, smokesensor, and sound/glass sensor). When the security server 170 receivesthe alarm message 128, the server-side security application 174 receivesinformation describing the multiple alarm codes 640.

The server-side security application 174 may then consult an addressnotification table 642. The address notification table 642 isillustrated as being locally stored in the security server 170, but theaddress notification table 642 may be remotely stored from the securityserver 170. Regardless, the address notification table 642 maps,associates, or otherwise relates each alarm code 164 to thecorresponding alarm notification address 650. The address notificationtable 642 defines associations between a plurality of the alarm codes144 to a plurality of the alarm notification addresses 650. Each uniquealarm code 164 may have a different notification address 650. When theserver-side security application 174 receives the alarm message 128, theserver-side security application 174 reads each alarm code 164 of themultiple alarm codes 640. The server-side security application 174queries the address notification table 642 for each individual alarmcode 164 obtained from the alarm message 128. The server-side securityapplication 174 retrieves the corresponding alarm notification address650 associated with each alarm code 164. Each alarm code 164 may thushave a different alarm notification address 650.

As FIG. 35 illustrates, the server-side security application 174 maythen alert each alarm notification address 650. The server-side securityapplication 174 may send multiple emergency notifications 652, with eachemergency notification 652 destined for the alarm notification address650 associated with each alarm code 164. Each emergency notification 652may be of any type of message, such as email, page, text, facsimile,and/or voice. If the alarm code 164 is associated with a heat sensor,for example, the emergency notification 652 may be sent to the alarmnotification address 650 associated with a local fire department. If thealarm code 164 is associated with a sound sensor, the emergencynotification 652 may be sent to the alarm notification address 650associated with a local police department. The alarm code 164 may evenbe associated with multiple notification addresses 650. The alarm code164 for the sound sensor may be associated with the notificationaddresses 650 for the local police department and for an emergencymedical provider. As FIG. 35 also illustrates, when the notificationaddress 650 is a telephone number 654, the server-side securityapplication 174 may invoke the Voice-over Internet Protocol (“VoIP”)application 206 to establish the Voice-over Internet Protocol call 142to the telephone number 654.

FIG. 36 is a schematic illustrating a priority scheme, according toexemplary embodiments. When the alarm condition 160 is detected, theclient-side security application 122 sends the alarm message 128 intoand through the packet data network 104 to the IP alarm notificationaddress 130 associated with the central monitoring station 102. As thealarm message 128 routes along the packet data network 104, though, thealarm message 128 may encounter congestion. Network processing delayswithin the packet data network 104 may slow the propagation of the alarmmessage 128, thus delaying a response time from the central monitoringstation 102.

Exemplary embodiments may thus prioritize the alarm message 128. Whenthe client-side security application 122 sends the alarm message 128,the alarm message 128 may contain a health/safety priority designation660. The health/safety priority designation 660 alerts the packet datanetwork 104 that the packets associated with the alarm message 128 haveprocessing priority over all other packet traffic. When the alarmmessage 128 encounters a network bottleneck, the health/safety prioritydesignation 660 allows the alarm message 128 to move to a front of aqueue (e.g., last in, first out). The health/safety priority designation660 may have a standardized format that all network service providers,and all network equipment, recognize. The header portion 178 of thealarm message 128, for example, may contain a standardized bit sequencethat prioritizes a packet over all other traffic in the packet datanetwork 104. The health/safety priority designation 660 may cause anetwork server, router, gateway, or other device to stop processingpackets and to immediately admit, process, and route the alarm message128. When multiple messages are encountered, with each message havingthe health/safety priority designation 660, then rules may beestablished for processing competing alarm messages 118. An earliestdate/time stamp, for example, may prioritize an alarm message overlater-sent alarm messages.

FIG. 37 is a schematic illustrating a back-up power source 670,according to exemplary embodiments. The security system 100 and thealarm controller 106 may receive electrical power from a power source(such as the conventional electric grid). An electrical power failure,though, could prevent the alarm controller 106 from detecting the alarmcondition 160 and from sending the alarm message 128 to obtain help. Thealarm controller 106, then, may switch to the back-up power source 670.The back-up power source 670 may be a solar panel, a battery, a fuelcell, a generator, and/or any means for providing electrical current andvoltage to the alarm controller 106. When a local power failure occurs,the client-side security application 122 may thus utilize packetizedcommunications over the packet data network 104 to inform the centralmonitoring station 102 of the local power failure. When electrical poweris provided by the back-up power source 670, the client-side securityapplication 122 may send a back-up power message 672 over the packetdata network 104 to inform the central monitoring station 102. Whenelectrical power from the electric grid has been restored, theclient-side security application 122 may send a grid power message 674over the packet data network 104 to inform the central monitoringstation 102.

FIG. 38 is a schematic illustrating additional notification messages680, according to exemplary embodiments. When the alarm controller 106detects the alarm condition 160, FIG. 38 illustrates how the client-sidesecurity application 122 may send one or more additional notificationmessages 680. These additional notification messages 680 may be sent toany desired destination, such as a cell phone, a neighbor, a parent orchild, or a work address. The client-side security application 122 mayaccess a listing 682 of notification addresses, and the additionalnotification messages 680 may be sent to one or more of the entries inthe listing 682 of notification address. Here, then, exemplaryembodiments allow the client-side security application 122 to beconfigured to automatically send any type of message (SMS, MMS, email,page, text) or call when the alarm condition 160 occurs. The client-sidesecurity application 122 may additionally or alternatively be configuredto automatically send any type of message when any other event occurs,such as motion detection, water sensing, or momentary thresholddetection. The additional notification messages 680 may additionally oralternatively be sent from the server-side security applicationoperating in the security server (illustrated, respectively, asreference numerals 174 and 170 in FIG. 3). When the server-side securityapplication 174 receives the alarm message 128, the server-side securityapplication 174 may retrieve the listing 682 of notification addressesfrom local or remote memory. The server-side security application 174may then send the additional notification messages 680 to each entry inthe listing 682 of notification addresses.

FIG. 39 is a flowchart illustrating a method of providing securityservices, according to exemplary embodiments. All communications shownin FIG. 39 take place across the data network (illustrated referencenumeral 104) as indicated earlier. When an intruder breaks a windowglass, an alarm is sensed and the alarm message 128 is sent to a serviceprovider's server. The agent 132 at the monitoring center 102 isassigned, and the monitoring center 102 sends a notification to theremote customer (such as the customer's PDA). The agent 132 may alsocall the remote customer and request live video. When the agent sees theintruder on the live video data 186, the agent calls the police. Theremote customer may even be reached at a work computer and conference tothe live video data 186. The remote customer may thus watch the policeapprehend the intruder.

FIGS. 40-47 are schematics illustrating the IP data network 104architecture, according to exemplary embodiments. The data network 104is based on a combination of 3GPP IP Multimedia Subsystem (IMS) core andWeb Services. As earlier paragraphs explained, IMS utilizes Session

Internet Protocol (SIP) technology and supports session management.During an alarm condition, when a central monitoring station agent isattempting to contact a customer to verify that a legitimate alarmcondition exists prior to contacting the police, fire or EMS, the agentcould utilize IMS in the core network to establish an IMS session withthe customer which supports more than two participants on the call andthe ability for the participants to jointly access either live or storedvideo/audio from the alarm site. IMS supports point-to-point ormulti-point multimedia conferencing. IMS can operate in a mixed modewherein every participant does not have to have full multimediacapabilities, e.g., some participants may be on a mobile device or ananalog phone.

The data network may include both a SIP Core and Web Services.Communications may take place using either part, or even both the SIPCore and the Web Services (e.g., in the case of different communicationsneeded for IPTV). The IMS Core uses SIP and related protocols to controlreal time media flows between end-points carried by RTP. Mediaend-points may be user devices, gateways, or network media servers. TheIMS Core may be used when sessions require a sustained connection forreal-time “calls” between media endpoints. The Web Services use webprotocols to control a session between a user and an application. TheWeb Services may be used when individual “transactions” are needed.Applications in this case are network service logic that is unique tothe security service, and are distinct from supporting functions, e.g.,Media Servers, and Service Enablers.

FIG. 40 illustrates data flows between five main locations involved inthe security service. according to exemplary embodiments. FIG. 41 breaksout the various types of flows (voice, video, telemetry, and control)from FIG. 40 and explains their purpose, including the choice of the IMSCore vs. Web Services, and the elements that are involved in each flow.FIG. 42 provides a more detailed view of the entities within each of thefive main locations in the architecture, according to exemplaryembodiments. FIG. 43 illustrates a more detailed view of thearchitecture of the Service Provider Application Complex. FIG. 44illustrates a more detailed view of the architecture of the remoteuser's communications device, according to exemplary embodiments. FIG.45 illustrates a more detailed view of the architecture of themonitoring center 102, according to exemplary embodiments. FIG. 46illustrates a more detailed view of the architecture of the alarmcontroller 102, according to exemplary embodiments. FIG. 47 illustratesa more detailed view of the architecture of the media center, accordingto exemplary embodiments. Although the combined IMS Core/Web Servicesdata network is not shown in FIGS. 43-47, all communications traverseit.

FIG. 48 is a schematic illustrating local and remote configuration ofthe security system 100, according to exemplary embodiments. Here acustomer may locally and/or remotely configure the security system 100.The client-side security application 122 and/or the server-side securityapplication 174 permits the customer to arm the security system 100, armany peripheral devices, or disarm the security system 100. The customermay also locally and/or remotely adjust an HVAC system settings,lighting, irrigation, water heater, water softener, or any otherappliances. In usage case 1A, the customer is in the home and uses thesecurity system's control panel to configure the security system 100. Inusage case 1B, the customer is in the home and logs into the securitysystem 100 (such as by downloading a portal website, as earlierdescribed). In usage case 1C, the customer is remote and logs into theportal website (again, as earlier described). All communications shownin this diagram use the combined IMS Core/Web Services data network 104.

FIG. 49 is a schematic illustrating remote viewing of video data,according to exemplary embodiments. The customer downloads the websiteand logs in to the security system 100. When the customer requests videodata, the media center is notified and sends the requested video data tothe customer's device. All communications shown in this diagram use thecombined IMS Core/Web Services data network 104.

FIG. 50 is a schematic illustrating service administration, according toexemplary embodiments. Usage case 4 illustrates development of thesecurity service. Usage case 5 illustrates creation and branding of thesecurity service. Usage case 6 illustrates registration and billing. ASubscriber Management Portal authenticates access and allows customeraccess to settings, billing, alarm summary, and other features. The HomeSecurity Coordination Logic is the functional “glue” for all SPapplications. Media Management calls a Media enabler in response torequests from the client-side security application 122 and/or theserver-side security application 174. Connection Request Processing setsup connections to Monitoring Center for video streams, alarmnotification, and other functions. CCP, IdM, and Other Enablers provideaccess to key enablers. ACD selects an active monitoring center with anavailable agent. An External Application Gateway may be used if requiredfor hosting model. Application Architecture provides service deliveryframework, service marketplace (including product catalog and other keydatabases access; brokering between application stakeholders).Application Creation Environment includes enablers, event types,application binding, test/certification facilities, SDKs and libraries.Product/Offer Creation Environment enables product managers to brand andconfigure products/offers from CARTS app components. Management PortalIntegration facilitates the integration of new offers (e.g., homesecurity) with customer self-service portals. Service Metadata supportsthe capture of third party service metadata to facilitate targetedadvertising and the loose coupling of applications across three screens.The client-side security application 122 and/or the server-side securityapplication 174 includes logic that supports alarms, sensors(smoke/fire, door/window, glass breakage and motion). Administrationprovides the technician/customer an ability to locally and remotelyadminister the client-side security application 122 and/or theserver-side security application 174 (set security codes, define zones,define armed & disarmed states, specify camera access, etc.).Communication provides status, alarms and events, video/audiomonitoring, transmit images and video/audio and VoIP during an alarmcondition (Monitoring Center and Remote Customer). The cameras 110connect to video/audio streams and local storage of images andvideo/audio streams. In-Home Access allows the customer an ability toadminister and control via wall mounted keypads, PC, Cell phone or TV.Remote access provides the ability to remotely administer and controlvia PC or cell phone to control lights, HVAC, appliances, irrigationsystem, door locks. Battery backup provides backup power, includingBroadband and Cellular modems. All communications shown in this diagramuse the combined IMS Core/Web Services data network 104.

Exemplary embodiments may be applied regardless of networkingenvironment. The packet data network 104 may be the combined IMSCore/Web Services data network as discussed, or the packet data network104 may just use one of those two technologies. The packet data network104 may additionally or alternatively include a cable network operatingin the radio-frequency domain and/or the Internet Protocol (IP) domain.The packet data network 104, however, may also include a distributedcomputing network, such as the Internet (sometimes alternatively knownas the “World Wide Web”), an intranet, a local-area network (LAN),and/or a wide-area network (WAN). The packet data network 104 mayinclude coaxial cables, copper wires, fiber optic lines, and/orhybrid-coaxial lines. The packet data network 104 may even includewireless portions utilizing any portion of the electromagnetic spectrumand any signaling standard (such as the I.E.E.E. 802 family ofstandards, GSM/CDMA/TDMA or any cellular standard, and/or the ISM band).The packet data network 104 may even include powerline portions, inwhich signals are communicated via electrical wiring. The conceptsdescribed herein may be applied to any wireless/wireline communicationsnetwork, regardless of physical componentry, physical configuration, orcommunications standard(s).

FIG. 51 is a schematic illustrating still more exemplary embodiments.FIG. 51 is a generic block diagram illustrating the client-side securityapplication 122 and/or the server-side security application 174 mayoperate within a processor-controlled device 700. The client-sidesecurity application 122 and/or the server-side security application 174may be stored in a memory subsystem of the processor-controlled device700. One or more processors communicate with the memory subsystem andexecute the client-side security application 122 and/or the server-sidesecurity application 174. Because the processor-controlled device 700illustrated in FIG. 52 is well-known to those of ordinary skill in theart, no detailed explanation is needed.

Exemplary embodiments may be physically embodied on or in acomputer-readable storage medium. This computer-readable medium mayinclude CD-ROM, DVD, tape, cassette, floppy disk, memory card, andlarge-capacity disks. This computer-readable medium, or media, could bedistributed to end-subscribers, licensees, and assignees. These types ofcomputer-readable media, and other types not mention here but consideredwithin the scope of the exemplary embodiments. A computer programproduct comprises processor-executable instructions for alerting ofalarms from security systems.

While the exemplary embodiments have been described with respect tovarious features, aspects, and embodiments, those skilled and unskilledin the art will recognize the exemplary embodiments are not so limited.Other variations, modifications, and alternative embodiments may be madewithout departing from the spirit and scope of the exemplaryembodiments.

1. A method, comprising: detecting an alarm in a security system byreceiving an alarm code; associating the alarm code to a camera;retrieving video data from the camera; retrieving an alarm notificationaddress associated with the alarm; establishing a session with the alarmnotification address; and sending the video data over a packet datanetwork to the alarm notification address.
 2. The method according toclaim 1, further comprising retrieving archived video data associatedwith the camera.
 3. The method according to claim 2, further comprisingsending the archived video data over the packet data network to thealarm notification address.
 4. The method according to claim 1, furthercomprising retrieving audio data associated with the camera and sendingthe audio data over the packet data network to the alarm notificationaddress.
 5. The method according to claim 1, further comprisingretrieving archived audio data associated with the camera and sendingthe archived audio data over the packet data network to the alarmnotification address.
 6. The method according to claim 1, furthercomprising receiving a Voice-over Internet Protocol call from an agentat a central monitoring station.
 7. The method according to claim 1,further comprising routing the video data over a wireline broadbandnetwork connection to the packet data network.
 8. The method accordingto claim 7, further comprising routing the video data over a wirelessnetwork connection when the wireline broadband network connection isunavailable.
 9. A system, comprising: a processor executing code storedin memory that causes the processor to: detect an alarm in a securitysystem by receiving an alarm code; associate the alarm code to a camera;retrieve video data from the camera; retrieve an alarm notificationaddress associated with the alarm; establish a session with the alarmnotification address; send the video data to the alarm notificationaddress over a wireline broadband network connection to a packet datanetwork; and send the video data over a wireless network connection tothe packet data network when the wireline broadband network connectionis unavailable.
 10. The system according to claim 9, wherein the codefurther causes the processor to retrieve to a telephone number when thewireless network connection is unavailable.
 11. The system according toclaim 10, wherein the code further causes the processor to initiate aplain old telephone system call to the telephone number to alert of thealarm in the security system.
 12. The system according to claim 9,wherein the code further causes the processor to locally retrievearchived video data associated with the camera.
 13. The system accordingto claim 12, wherein the code further causes the processor to send thearchived video data to the alarm notification address.
 14. The systemaccording to claim 9, wherein the code further causes the processor toretrieve audio data associated with the camera and send the audio datato the alarm notification address.
 15. The system according to claim 9,wherein the code further causes the processor to retrieve archived audiodata associated with the camera and send the archived audio data to thealarm notification address.
 16. The system according to claim 9, whereinthe code further causes the processor to receive a Voice-over InternetProtocol call from an agent at a central monitoring station.
 17. Thesystem according to claim 9, wherein when both the wireline broadbandnetwork connection and the wireless network connection are available,then further comprising code that causes the processor to prefer thewireline broadband network connection over the wireless networkconnection.
 18. The system according to claim 9, further comprising codethat causes the processor to establish a conference over the packet datanetwork between an agent at a monitoring center and a remote conferenceparticipant.
 19. The system according to claim 18, further comprisingcode that causes the processor to send the video data to the remoteconference participant during the conference.
 20. A computer readablemedium storing processor executable instructions for performing amethod, the method comprising: detecting an alarm in a security systemby receiving an alarm code; associate the alarm code to a camera;retrieve video data from the camera; retrieving an alarm notificationaddress associated with the alarm; establishing a session with the alarmnotification address; when a wireline broadband network connection isavailable to a packet data network, then sending the video data to thealarm notification address over the wireline broadband networkconnection; when the wireline broadband network connection isunavailable, then sending the video data over a wireless networkconnection to the packet data network; when the wireless networkconnection is unavailable to the packet data network, then retrieving atelephone number; and initiating a telephone call to the telephonenumber to alert of the alarm in the security system.